Bommagouni Sagar
Hyderabad
Summary
I'm a highly motivated IT Audit and ITGC specialist with 7 years of experience at Cyient Pvt Ltd, including an initial year in Planning and Designing. My core expertise lies in ensuring IT compliance and fortifying internal controls through comprehensive ITGC audits, SOX 404 assessments, and meticulous access management reviews. I possess a strong ability to analyses complex systems, document findings, and recommend effective remediation strategies. My background in both planning/design and ITGC provides a unique perspective in bridging technical understanding with compliance requirements.
Overview
9
9
years of professional experience
1
1
Certification
Work History
Senior IT Auditor
CYIENT LTD
03.2018 - Current
- Led internal IT audits covering access and change management, identity governance, and SOX 404 compliance, ensuring adherence to regulatory standards and mitigating potential risks.
- Applied my knowledge of SOC 1 & 2 and SOX 404 throughout the audit process, from initial planning to final execution. This resulted in a quantifiable reduction in identified control deficiencies and contributed to the development of more robust control environments.
- Applied COBIT principles and frameworks to enhance IT governance and ensure alignment with business objectives.
- Contributed to establishing effective IT governance processes by applying knowledge of COBIT domains, including Plan and Organize, Acquire and Implement, Deliver and Support, and Monitor and Evaluate.
- Maintained a strong security posture by monitoring, tracking, and assessing compliance with key frameworks such as ISO 27001, ISO 22301, and SOC 2.
- Regularly reviewed and tested user provisioning/de-provisioning processes across diverse platforms, identifying and resolving access-related risks and strengthening overall security posture.
- Performed provisioning and de-provisioning control testing within Active Directory groups, maintaining appropriate user access levels and preventing unauthorized privileges.
- Identified critical vulnerabilities and control weaknesses within High Privileged Access Control (HPAC) environments, providing actionable remediation recommendations that were Quantifiable result.
- Conducted comprehensive HPAC audits, assessing security control effectiveness and pinpointing vulnerabilities, resulting in the implementation of policy changes that significantly bolstered privileged access security.
- Facilitated Change Advisory Board (CAB) meetings, assessing risks, prioritizing changes, and enforcing authorization protocols, leading to a Quantifiable improvement, e.g., 25% decrease in critical IT incidents post-change and streamlined deployment of vital IT updates.
- Developed and implemented standardized Change Management policies, procedures, and communication strategies, fostering greater stakeholder buy-in and achieving a Quantifiable achievement, e.g., 20% increase in successful change adoption rates while minimizing business disruptions.
- Engaged with internal teams and external auditors, ensuring alignment of expectations, communicating audit findings effectively, and facilitating seamless audit processes.
- Mentored junior auditors through review of their work papers and documentation, providing targeted feedback that enhanced their audit skills and understanding of core methodologies, contributing to a more skilled and efficient audit team.
- Conducted thorough reviews of audit work papers, ensuring comprehensive documentation of evidence and the robust support of all audit conclusions, thereby upholding the integrity and reliability of audit findings.
- Communicated with Internal Auditors throughout the audit lifecycle, fostering strong understanding and alignment that streamlined the audit process and ensured timely resolution of issues.
Design Specialist, Tech Support Executive, & GIS Engineer
CYIENT LTD INDIA
03.2018 - 03.2019
- Vital role in scheduling process workflow steps to meet client's requirements and ensuring timely deliveries.
- Maintaining accurate records on Telstra Database and adapting new process strategies for regular data maintenance.
- Involved in managing multiple scopes as per Manager & Client Requirements, handling quality control as per the project specifications/checklist, and ensuring high-quality deliverables.
- Authorized to investigate addresses using Australian Government sites, Council sites & Google Maps and verifying them through calls to Australian Councils, businesses, and residential customers.
- Actively participating in quality governance meetings with clients and providing regular updates.
- Verifying the team's clarification documents and reject analysis documents before sending them to the Client to ensure accuracy and completeness.
Networking Design & Support Engineer
WIPRO PVT INDIA
03.2016 - 03.2018
- Prepared master list for cable installations by entering large to small cable information in manholes.
- Generated splice overview reports by entering every cable information in splice locations.
- Prepared equipment reports by entering cable numbers.
- Checked splice reports and pull plan reports provided by the production team.
- Verified cable annotation and splice information for accuracy.
- Reviewed situation plans for all designs provided as input.
- Prepared work locker reports for efficient operations and project delivery.
- Alleging the cables from manhole to cabinet and annotating the names.
- With the given input check the cable performance and update the required nodes and pits.
- Contacting the technician and provide the exact information of bands for IPV$ and IPV6.
Education
Bachelor of Electronic Engineer - Production
Chilkur Balaji Institute of Technology
01.2014
Skills
- Vendor Risk Assessment
- Internal Audit Review
- Compliance Management
- Access Management
- Collaboration
- SOX Compliance
- Active Directory User Management
- Change Management
- High-Privileged Access Management
- Communication
- SOC 1, 2, 3 Knowledge
- Risk Management
- Policy and Regulation Review
- Security Standards Development & Implementation
Certification
- Certificate in AI and MI, NASSCOM, 2023
- Certificate in BSNL-Fiber Optical Communication, 2023
- Certified in Software Licensing and Compliance Awareness, Cyient, 2022
Accomplishments
- Awarded Bronze Team of the Month for March, CYIENT, 2023
- Recognized as a Bronze Associate of the Month, CYIENT, 2020 & 2021
Timeline
Senior IT Auditor
CYIENT LTD
03.2018 - Current
Design Specialist, Tech Support Executive, & GIS Engineer
CYIENT LTD INDIA
03.2018 - 03.2019
Networking Design & Support Engineer
WIPRO PVT INDIA
03.2016 - 03.2018
Bachelor of Electronic Engineer - Production
Chilkur Balaji Institute of Technology
Similar Profiles
Varun Sai NelapatlaVarun Sai Nelapatla
Technical Writer at Cyient LtdTechnical Writer at Cyient Ltd
Jyothi Swaroop VittanalaJyothi Swaroop Vittanala
TEKLA DESIGNER at CYIENT LTDTEKLA DESIGNER at CYIENT LTD
Vibhu Tumbalam GootyVibhu Tumbalam Gooty
Design Engineering Intern at Cyient LtdDesign Engineering Intern at Cyient Ltd
Rupesh GopisettyRupesh Gopisetty
Market Research Executive at Taxilla IT Solutions Private LimitedMarket Research Executive at Taxilla IT Solutions Private Limited
Adithya BuddhirajuAdithya Buddhiraju
Game Tester at The QubeGame Tester at The Qube